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Abstract of JP2002297551 

PROBLEM TO BE SOLVED: To obtain an 
identification system which safely and surely 
performs user identification even between 
different terminals. 

SOLUTION: Biometrics information such as 
fingerprints, irises and handwriting of a user is 
encoded by using a registration terminal 20 
beforehand and registered in an identification 
information storage server 10. Also, key 
information for use in encoding and decoding 
it, registration terminal model information and 
user identification information are recorded in 
a portable personal information storage 
medium 30. When receiving identification in an 
identification terminal 40, encoded biometrics 
information acquired from the above 
identification information storage server 1 0 is 
decoded by using the encoding key e1 of the 
personal information storage medium 30. The 
user identification is performed by collating the 
decoded biometrics information with the 
reentered biometrics information. 




***** 



ffttKttr 



to 




—r 

22 30 



WW* 



MAJSU 



natur 



ZZ7 



42 



Data supplied from the esp@cenet database - Patent Abstracts of Japan 



(19)0*S#fFJt (JP) 02) ^ |] $g (A) (ll)ftir-ffiffi£M§^ 

#^2002-297551 
(P2002 - 297551A) 
(43)&MB ¥riil4¥l0fllia(2002.10.11) 



(51) IntGL 7 
G 0 6 F 15/00 
G06K 17/00 
19/00 

H04L 9/32 



3 3 0 



f i f^3-r(##) 

G 0 6 F 15/00 330F 5B035 

G 0 6 K 17/00 V 5 B 0 5 8 

19/00 Q 5 B 0 8 5 

H04L 9/00 673D 5J104 

6 7 5A 

am* mmmv&s ol (^2iM) &mmizwt< 





#SS2001 - 1 01906( P2001 - 101906) 




000006013 










(22)ffigBB 


¥J£13^ 3 £30 B (2001. 3. 30) 




















^3K?P^BBIX3tl©rt-TS2#3# = 














(72)5BJ0m 










^CfP^fflK3tL©^-T12#3# = 














(74)«S1A 


100089118 



















(54) fBSEfX-xA 



(57) imfo) 

a— If I DflttR£!^?3ttmMftffiB«ftKtt3 OKiB 
flkL-cte*. f21E^*4 0«:fcl>TigH£§W£|5£K:. 
±12 L/cIgiiEtf fR^flif-^ 1 0 *>68tff LfclB^9F* 
(DA^^hU *^1«***©fflAfll«*««*3 0© 
Bg-sf-ffcfte l£fflt>T*sfU m^itUtcmrji b 'J 
**t##g£. i&L#>X KfyijtcJ* 4 b 'J i'^lffgi^ 
M^-T oCita- -if <DI25E£ fc C fc 5 . 
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[ imm i ) 4>fc < i h vsmtrnzim l tc® awm 
h y tuiafSA«$R^fflj«f**^^iA 

^qpMbM£J&l>-C4HHbU BfrBWbOfcx-f h 
**1f$R£SlfU SfflL/fc^'-Y^"^ hy^XfffR^S 

^1- y **tt$R£. fltrfBffiAtfffiS&M^fee>K*& 
^«HWb«*JBi»Tiif<Hbu ^HMbi/fc^-f*^ h 

^xm^R^sfiL.. fsfiufcis-^fcaf*©^^ *y h y 

*Xtft$R*gfltU SfflLfc^*^ h y **ttfR£g 
5j?{ciED-Cjilfi^-Si2iEtffRSW-y--^-<*:. 

laisntf nmm^-^hwm^mtm^<o^A v 

y * Xt»fR^BuiefiAt»$SSS^ftA>6SE^^/cBi# 
tclz visa >*-£^{f U ^fiL/edt-^t^O-tz ? 

m^m^x mmt l . ts-*Hb u & -t ? -> a > * - <t buib 

-1fiSliE?r^-r.Sl^tc. •b^^3>+-?r^Xb. * 
fiKL/c-te^->3>+-?:B«iB^Pg^rBi#ibO. B§-Sf{b 
Lfct^3>*-£MtBI2SE*B3fcK:i£{iU fulEBf-^ 

itutc-iz v ->3 >+- tm^t&m*miimm.mLiPh*t 
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[ imm 3 ] 'j>u <th vsmmzizm l tern Amm. 
^—*r<Dmi<D^utstb')^^mn=s:At}L, a^l. 
io i- y ^ xttf Rtc^g ij u . &m 2 <zw ^- y h y x«$r 

«rt!TiBliA19«S»«ft*>6R*iiAfc-Bg#<bii*fflt» 
TDg-Sf f b U . Bf -Sf {b b fcSJH 2 <0>~^A h y i 7 Xf«$R 

Buia^^Jip e> int $ n/cBg-^^ m&<om 2<d^~<* 

* v y *ximi:m*icmcxmm-rz®.$k<Dmmiim. 
a.— v y ^^tt$R*A^-r^4t*>tc. gtr 

20 K«»©l8IEIf **a*--'f a&» €> BMlBBg^{b^©0 2 

©^v^-y h y **tt*R£^(iu ««ofci»*Mfc»* 

©^2©^'-{ 3 }-> h y ;J'*t»#R£iifF!3<@AtS*RgfS& 

<**»6R*i^^ais#<Mi*fflc>ra#fb L/ . m^b l 
ic&w.2.<r»*4*j* v xitm*m'&uxime,mi<D 

* v y^xitfRiA^L.^w^-y h v#>\m&±*m 

H>rlBS^^. BufBISIiEff #R^aif--^'*J <fc C^mriBiSliE 

30 ffimmmmm*ftLxm!&$ti-rtct=s:<ftm±-rzt8. 
Lfc®Aiimwm&&t> 

a— ifO^ld^Mt^ h y i'^tf^R^A^jL. A*0 

fc^i ©^--r^-^ h y ^xt«R*ft»©^2©^-'( > 5j-y 

*WIEfflAtlMRWiJ«#*» 6B8*i^AfBS^bll*ffl(, > 
TBf^bU Bg-^{bL,fc#m2©^V*^ h y f Xt»$R 

40 mB9fMa?M> 6iM<t $ n/cBg^b^*©^ 2 ©;-w * 

^ h y ^xt»#R*B*{ctt.(;r^iit-saS!©i2iEt»fR 
jl— tf©^^*y h y trxmmzAJjtzttiiic. m 

IB^UWBSEttfg^S-y-^^ 6BUfBBg-^{b^f*©^ 2 
©/W^> h y f^1t$8?:SmO. ^ItOfcBt^b^ 
©§^2©^W*^ h y f^tf#R*BUfB{iAtt#RSa{« 

(*^6R*iiA/cBg-^{bli*fflc»ra-^fb L. fg-sf (b L 

50 fcS^2©^V^^ h y^^ttffi^fif^L/rmilBmi© 
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£ u -c jH^e* £ u BuiB^fEii £ *t cc <c 4 &mm 

*iA^«ffl»l*fflt»rtS-^ftO. ffl-sffbL-fc-te i.-> 3 
- 4 mfiBM^m 4 * JWiE«HE*tr«J*M b U Rg^f 

4. 

S^i^3l3?©1f-bf;*£ji«-r£4 4fccc. mffB^ffi io 

— !fBBE*i?*-r4BHC. -b » Is a >*-££J&U 4 

Ofc-fe ? -> a > * - &f!ri3!8SE*g5f;K: jMff L , iulBBf-if 
IbLfc-tz v is 3 - iJlll^S**»lBBSiE4il**»6* 
ft f 3 T v' V -Jr - a >t>- 4 . 

ffilB&fikttfti. BUlBsSSEt»$R^»-9--^*. msEMMm* 
is J: zmUT 7Vir- -> a >1f -^MijffiMIsI^^ b T 
S^^n/cCi^tti-r-SliiE^^'rA. 20 
[fi5RJM5 ] BufBISIiE1ttRS«^-^'*^aC/^W 

*y h y **tMR4Hrts©>< h y zzmmzw 

ffiSBSnas^ra . bu f zmim^mv tat jtuiB$ 

Ltcm-M h y fxmmimmi,, 
mzmmmmz. miEmm^mwmv-^itamsm 

[#fcBJ©i*iHB&i»HJ] 

[000 1 ] 

[#^©ji-rstrd5#s?] c©»iw». jim@«*/M^ 

[000 2] 

pajT* -5 \sls ~j r • KS-^^C cT^tS^vCjsis u/cO . 
[000 3 ] CCT. \-±<Dftmtim<D 

mt:&iXB§mktmmtt : j6ctj;*>j}mx-&z>. - so 
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ommftWA. ^te£&tn~>x^z>^-fimx 
fb4 f jntfl:**? c «n,». 4 ^ 6^-^©iir-Dg-^fb ufc 

r- £ « . & 5 I > 4 «-5f { bT-£ &(, > 4 

[0 00 4 ] C©^gg^BS#gSfC*5^-C. SfBB^itt, 

pb s nt *$ . it-c. l-cw^-c* -5 «fc 5 3 nr 
tti»»«:S^.S*J. *«-e^-ctt&<. ^SBSS^risli^r 

x-mmt-t scitao, mfr tc ■€•© 7=- » a^&sifs 

Jf^iC J; -5 rug^b 3MCi *S6Sf* S 4 fij* 

c<t*5-c#. c<D®m*nmvtci><D-t)K t>*>«»i^ 

[0 00 5 ] ^^;l/S««. (^«*) =&if$« 

6^ v ~> ^ ffi?:Jft(±J-r £ Cit'y >-fe- ^©^/hss-c* 

-fe-^^^ ^ h zmmmsm<DU®mx^it? z> 

[0006] T'^^JUg^^JfflLitlgiE^Xf-AlJ. 

©H^(ci<3lf^3ti^©d5-^:a<j-c*-5„ CCT, <2> 
gflgl^aES <!: « . ^ »^ -fe - ^(t#*5fir- * -5> *^ SrJtSS 
-C^-St>©-C*f3. MS. s2H*^W/t^ v -fc-So£fg 

^©^pggi<t-?-©> * •fe-s?ai(i^tcHf 5W*b (m 

6#£ff3ft. ^f*^W/c*A©^*5. -e©iSUS«:» 

[0 00 7]-^, ^l— tflSSE^fcCfc^S;© — 3L/ 

hy^xi2IE4«. J&gL w^. «^«c4' 

©<!A{c@«©£#tf}fSCcg-3i,>T. a— y*^5c-r-5 

l/ttt. *:A«^-e4l?:^fr^C<!:«^pJtgT* 

[0008] c<D£*>t£jn*j h y zz.ffi&zz.-y 

tmicmmLtc^tiy^y-AtbXit, WAtf1$g32 0 
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00-092046 -^K: rjtpai2liE'>Xr Aj tffflinS 
*t.ti>£. ccd raPiiSU->xr aj tt<fcfttf, a— !f 
©fflAIJMRT**'*-^.* h y *xt£fR£Dg^{bL<, 

h y ^Xt§fR ; &a--!fA5}g^ofci2|jE-9--^'tc(D 

*s y y a— ^MAo-y^-i^is-*. 

, [ 0 0 0 9 ] 

fcfy^JH^iCiia- ?fiSliE-C«, —ft. 3>fa 10 

h <Dt£ K> ? £ L £ Eft <" C 4 VS.X * tt tc. 

*ttfi-C # 3 4> ©-CI* & #> o ft:. 
[0010] ±ffiLfc^Fgg 2000-09204 

6^tc^© riSFSiSfE^x-r-Aj XIX. ISiiE-f---'<WJ 20 

[0 0 1 l]£/c. M^*t£t4&S;-W*.y 1-y^Xtil 

$r. -r^^b^^^n/cvw^-^ h y txmmz. m& 

-otcm^icit. ^a-** y 'jzxmnzmffibx, &<j 30 
t * l h aimt as -njmttm^. 

[0012] C©#£l?m;U:fBH®.££^&T3fc»Kfc 

4-rs. 

[0013] 

mmzmf&Tz-tcib, tcfgajK^^tgiiE^XT-Acc 

o X tt. 4>fc < 4 4> Bg-Sf f bSISriBiS LfcflAtitfR^fl 
$#4. 3---?<DJ<-J*J Y y PXffimZAlJO. A* 40 
L.;fc;-W=j-y h y *xlt$R£. BuieiiA«$RS«^<*^ 

y y ^ xttfR5riJim-rsgii^*i. msBBgua 

wmu, wmvtcju*j y y z^wkwrncfotx 
mm-?zmM.ffimwmy--'*±. 3.-if<D>u*s y y 
zx\m*A3}-?h±tt>ui. m-emmmmmv--^ 

§fs LtcBSmmwU *SYV>? Xffi IR?rBUlBfiA 50 
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> h y*^«ai*fi8^rSBffiil8*i. *{fx. flu IB 
[0014] CCOiiiCthit S>f>A>Di6Si^bfi:^* 

-^-^ k y ^xit^R^. ^sutcfis-r-s^tiEiffRsm-y 

S^Tfc. fflAm«»8Mif**»"rc<!:©*-C. Bg-5f 
{ t* i 45 o fcfflABiE**ff -T SCi *s pj^i ^c^> . 
[0015] o^*co^HJCc*^^ISII->X7-Atc$>or 

L/> Atii,tc^-i*M hy^xttfR^r, BtreafflAtims 

tciDDr^fg-r^lgSEttfRSW-y— ^4. a— !f 

^-^ h y t>z.mm*At>-?2> 1 1 bic. mmmmmmm 
mv-^ibmiimmm^o)^^^^ y y v^m®.* 
sft o. *«oytw^b»*(o-'<-f*-/ h y zxffimz 
msmAmwwmm#frt>mfr&A,tcB%^itM*mi.>x 
mmtu. mmtutcmrs y <)?xmw±At)Ltc 
^4** y >) *xmmtzm&LX9M'&!&mzmt)L. 
mm-mmtictitKz&mMxBg^tzntc-te v~>a> 

#fbu mmtutc-t >->3>+-4fiuieflB^*SJ&4* 

SuiB«E!ESIrBg-^b U . Bg-^fb L fc-b ~> a - 4 BS 

f#L/> mJIB^SE^«:>pfL/r^-ifi2iiE?:S*-r-5»^ 
tc> •fe^->3>+-?r^SL/. ^fiSL-fc* ->3 
^l«IBfiggilT-Bg^b b. Bg^b U/c-fe ~> s > + -^& 
WIBIgSE^*«:jllftU. iiulBBi-sHbL/fc-te ^ ->3 

i ^^m* ttiBB&Ei&E* e. sir sr^yer-^g 

>-y— '<4. ^flSA.. buIBI^^*. BufBi2iIt»#RS« 
•y--^*. B!)IBI2iiE^teiO c fulBT7-y^--->3>-y--- 
^-ttiimisl^?:^ b r $ tlfc C 4 4 f Z> . 

[0016] C<Dmmc&ti\t. ilAtflR^aMfttCBt 
^1'bSfc «fc c?«!®^©i#fR £f BiSt / >'y-5'-S>3> 

■y- / <*«*if r zizv^3>*-t mmm%.±x-<D'< 4 
y y * xmmcDm^i&Mktzz&im^&ic^-ix 

S a — !f !2iiE£ pjfigtc f -5 „ 

[0017] r>^<omMiCiPtPi,^M^'^7-M,l l c$ ) '>X 
«. ^<c< i4)Bt-^{b^IBISLfcfiAffi?R^ffl?«(* 
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i. jl— «f©» 1 ©;W?M b *XtiWR*A#U A 

^L/c^ i <d*<i** v y **wffi*ffl«©#2©>w 
m^t:a§mtL. BS#fl:i>fc&l& 2 ©/<-<*> h y** 

/ f cHf-^fb?^©^2©^'-Y^-^ h ■Ji'^lSISiSfiO. 

h fxai mzAtitz 4 4 4>tc. Btjieasfc©g?. 

y *xlf#R£«7tU flTcO/cSIl©^*-/^^ i-y^* 
W$R4A^L//c^*-Y^> h y**1«R4£flg^-rSI3U 

'**s ^vmizmmmmtmm&iffiizftLx n/c c 20 

4£!f#g!t4D-S 0 

[0018] C©ffeBjtc«tii(*, SISti$R£«iS©IglIE 

n^©-y-^*^6©tffg^#^-r-5©-c. — o©^^^ 
y h y f xtf#R^-- ^©■y-^*-c^o-c , gs$iT.sc 

4*5&< 

[0019] -^^©^{c^-SiSil^X-r-AKl^-or 

at. >ptji< tbv%mtmi<s&vwmmzmmhicmAm 
a#u At>istcm\<D^4*j bv ? xm%i>km.m<D 30 

mi<D*<<-*j* h y **t»$R«::»*0U *iS2©^-f* 
^ h y i7Xtt#g^Buie[iAt»fR^S^»^6^*jA^<: 
Bf-EHbStSr/SOTBg-SffbU S§mtLtc^m2(0^^^ 

s v y i'xtt$g^{fr^g^^4 > BiriBaisiffl^ 

6j£<l 5n/£:Bg^{b^©m2©^'^*y h y**1#$R 

^ftL-fcBf^b??f*©02©^v^> hy^ 

a-tf©^*^ h y ?xt»$R£A^-f &44&K:. bu 
IB|giS[©igiE«f E.WffiV-'*& 6IWBieMtfb»*©JS 2 40 

©^-f*> h y **tt$R£§fiu «i»oft:4H»fb»» 

©S^2©^V^-^ h U **tf$R£iiutB{lAt#$R^l$ 
»^^^*jAA/cBf^b^?rfflur«^bt. ?S^bL- 

fcs^2©^w^^ h >)?Affimzffr£i,-cm%mi<D 

* h y t>Xffin±AXLtc'<4*J h y**t«#R4£M 
VBgmt 3 ft/c -fe 9 ^ a > * - U gftOfcBf-^ 

fr&Astctimmzm^xmmtu. mmtutc-t-yisa 50 
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4. *^-»BSl5|«!RO-y-e^Sra«-rSi<!:4>tC, buIB 

IBBf^ b U fc-te 9 ~> a > * - 4 M^*S*«r fitSBISSEig* 
*6SffT^T7'y dr—>3>-y-->'<4 t buIB 
g^S*. BtflBS!aEt»*RS«-y— ^\ BufEISiiEiS^teJ: 
OmilBT 7" y dr— > 3 >-y-;-?Wfflfi H^^/rLrJE^ 
$fifcC4^H!t4-r^,„ 

[0 02 0] C©#PJ cestui. S»t»fR%HSSJE©SSSE 

n ib <ov - > e>©tt * r* m&ir jtitK. fa ais « 
k Bi#f mis «fc o*emsi©tf $r?t sb» u tt - 
yy-j/a>t-/ <*5^^f -r s-fev>-3>+-4 isibs 
thwu*^ h y fxmMDmgmmtzGi&imiig 
-^fficcctor-^yaxor-s©^^ --3©AV*y i-'j^ 
^m#R^ — ^(DV-^x^fpoxmrn^tii ci^ < 

[0 0 2 1 ] o^©^(c*^.&iSfl^XT-AK:abo-c 
B. ±SB^Hjtcte^r. «flBBBEf»«»«*-^3W»a 
Ltcm-st h ';^XtffR4|s)F«gg©^--C^^ h y i'^ 

«*r*ss u/ca»© 5 7 -■!>•-'<«:«*. , mssafimi 
«iiiBsiE«*RS»-y--^** tc\mtmm> z^- 

h y ^Xtt$R4iifiL-> BtlIBigaE4g*«. MfBsSSEtt 
—0^6. B?fBBf#{bO/c^V +^ h y ^^tf$R^rSfi 

-rsc4^#©4-r^. 

[0 02 2] C©#6Bj{cj:ti{f, ^©ISHEttfRSBI-y 

[0 02 3] 

[^BJ©HJS©^] KTFK:. C©^B^«:3!>^^i2iiE~> 

r-«fti^ 

[0024] mi&<D&f& 1 . $ -r. mMmm 1 k:*^^ 

©»tt. stt». »^^©^'-r*^ h y zxmmzvzmt 
Lx&mtmwm-* 4 ^tc^©Bi^b 

*><fctm-SHb©/c«>©gitf$R. SIS^^flittfR. a- 
■y*I Dltlfi^a«*B[^ft{lAt«$gSffli«{*«:iBlSur*j 
#. !2iiE^«:*ji»-cs2iI«:§:W^^K:. ±fBL-/ci2fI 

tf#Rsa-y-^**>6Mf L./cBi-^^©^--!'^-^ h y 
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I I £ *s C & 5 C <!; & 4$ffi i O r l » 4 . 
[0 0 2 5 ] B 1 B. 1 KjtafeSffiSE^;*?- 

»o©7fJ<S 1. «c*>^SIggiE'>x^ Att. BKflHRSat-0- 
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ttSRSfS-*-"? l 0 B. af3tfl;fc2 0*«63S« 34a/c<@ 

ABaEt«« *a» l -c sssra- s t £ t> k . ssemi^ a o 

6 <0»*tC(K CT. ggi 3 ft fcflAISffiEtff f RSrilfl -r 

So 

[0027 ] 2&iS*2 0 1*. afiBM9 ^btS« 
SftSm-^iSIR?!!?©?!* ©If- ex^S^S C t tfi 

£. PDA (Personal Digital Assistant) . CS?fr^fS 

SCi *^ttttfflABtSEt»«A*» 22i. flAtt SR^ 
8HK&3 0 <t£iS:WTlgf£;*ft£. 
[002 8] S2SBSS*4 0 B. g«*8*2 0 ©fflAISfflE 
tt*RA2>SI5 2 2 &ftttlffi©fflA.3EflMRAA.94 2 i . 
fflA««*8BI*3 0i4M*fCfllfiSSti. £t£©filJ£ 
B«»iB* 2 Oigfe •>&!.». i^T, 2&ifs*2 0<!: 
1211^*4 0£B^gt?lJ£±;K^t|2:siJ3ftSc I***. 4>ft 
< ifc5R*«:*5t»-C. fflAHKtlMBA*»2 2*5<fcO'4 
2 t<lAtS^S^3 0 *»«nH»ttxn v r iB-t 

ft^ftftji©{±i£T-& 

[0029] WAtf. <!Aii?.iEt#$RA*Si52 2*s«fcC*4 
2B. r ') fZffimt UX*—*f<Dmi&ZAl) 

ttfRi Ita- !f©»»*AA-J-4»^CCttXir 
■^>*fflC»rA^"J*fe&*^Uf hOJ^&A*'** F 

[0030]Sfc. flAflt $R§?!$<* 3 0B, Sg#*^ 

5y>»y*y#- F. I C*- K&i'tfti. <fc-? 
r. ^S^2 OKB, C©<iA1ffRgSi8{*3 0£gS 

[003 1 ] $?c. il<IisilS9ti. ttttfr«KtK#>«Nfc 

fc. -e-n^iimisi^itc^^nfc'O*-^-^ h^© 
1 pmzb&ts. 

[00321 ttTKi. m&<mm 1 r 

l»<Dm%K.r>K->XW?ftth» @2B. m)m(DB&.UCtiP 



(f>) »1200 2-2 97 5 5 1 

10 

02(CteUt. ST. a— !fB. a&483t2 OCDfflAiS 

msmAt>m z^^lx. z<D®Ammmw^B 2 

J)?Z> (Xf,7'S101)„ tfiRB. fiAISIIt»$RA 
2>g|J2 2 AiJBtjU* t ^"CAeW^tCB. Sii*^2 0 
B. JH*;* * 1- ^"CK*1R ofc}Sttlffl*36» 6«f«^US^ 

[003 3]o^(c, Siaig* 2 0 B, iRff Uc;<4* 
10 ^hy* ^WKKSt 1/ "C . BB&DflHHtfi e 1 Cc J: <3 Bg 
#MS*SS^ (.XT-j^S 102). frte. c©ng^b 
flte 1 B. a— !T I DllHR*S£^2 0<Dtt&1ft*ti$ 
££&(C. <iAW*R»flH8(*3 0KlB»Stin>S. 

[0034] -p-5l>r t 2^*2 0 B. BgHffb^ftfc 

2 0 ©HSIt^R^ <!: i h K . jifigltt 9 b t 
BH««SfHf--'< 1 O^Cjiffr-S (Xf^'SlO 
3) . BIE««Wlt-A l 0«. XmtNfWU* 

20 $Rr-^-<-^ 1 2tc. *©5E«ilHH*a»-r* (^^ 
•^S20 1). 

[0 035] a— tf». «±©J: ^ ^#«(c J:-, r^V 
h y i'Xtt^aiSMII^^.-St. 2^*2 0 
(CiSiS L- r l .fcHAflrfRSgHBtt 3041^1. S2sl 

Ji*)mmtc9KL,-c*s<. <iA««SfW«»3 0 

b. fijffltupR^ n/c»i»^©AiiaiB#^s^-v^ -©*j 
zmm2axibj:< . c©^. a--y--B. «ife©iass 

So 

[0036 ] oartc. a-fB, g^JSS^2 0 i Bg^c 
*SSE4S*4 0 ^j^ffl-r-SI^. -£©fgfEig3fc4 0 (C<1A 
1tfR^S^(*3 0?r^«-r-5„ -g-OT. a— tfB. BS 
^4 0Sf*>l:^ffl-r-SI^«:. S/cB. tSaESS5^4 0{C 

j: ■= x mmrnm 9 zttotc?- s^tcs* 

^-^ h y ^Xtf#R©A^)WiiiI«tC. i§SE^4 0© 
<lAISEt»$RA*a54 2?:/M^-C. SEO^-T*j< h y 
40 *XtffR£A2>T& (Xt-^7*S3 0 1) „ 

[0 03 7 ] l2fiE^40B. a— tftcj; oTA^^tx 
fc^V^"^ h'J f^tf?g?:-^S}fb. ISfiEtiffRgSI-y- 

-^lOfcwr, aJi?^©fflAi2.5E1t$g. -r^ct>^ 

IS*HtiRW<4*j* r y fXiwfR©g*^. ilAtffS 
SfflJ«i*3 OKgaiS^ftfca— y-'I Dt»fS-^a^^2 
OO^StS-^ii^tC^ftTS Uf^S3 0 
2) . 

[0038] isiEttfR^a-y--^- 1 0 «. mmm^4 0 

3tp6±IB<iAlgiiEttfRS*?rSWB!(-5.<!:. -&©<iAI2iiE 
50 tffRS*(C^SnSa— !f I Dt»^aiSig^2 0©tH 



13. 

mAmmmmT-z^-x 1 2*p6£rcottiu Bsea* 

4 OCCilff-T^) (Xr';7'S 2 0 2) „ 

[0039] fS!Kim*4 o w\ mmmKwmv-^ 1 o 

0H^r^CD^V^y h y SAtftRSStifi 
(^f^7'S 3 0 3) o fOr, g8fflE*a^4 0«» CCD 

m^br-t^n/c^sM h»;^^ts$R<b, ±gax?** 
7'S30 l ccfcc^rA^Stifc^^^^y I- y **tt*R± io 

S3 04) o 

[0 04 0 ]Bi»*40tt, gcOrc>£<fc*IJ 
& i , BKNHt 40S <*<£>filffl^ffi{i |g]ffi 9 ^ 0 

[0 04 1 ] WitCStBJ 0 tc t *$ f9 , SSSODJBSS 1 OC^ 
fr-SBIE^^Alcfcfttf, ^^C^JSl/fc^-Y* 20 

* h y muc&m.?&mmnmmmv~^ 
i o^ifffl-r^o-r, anas* 2 o tmm^A ooj: 

[0 04 2] £/t, S3tc-54a5KPJCC*5l*r*iJfflpI«B«cffl 

a«*rs«#h*3 o ccBt#^b«e i *fa«aori»*<D 
■c. *<D*§mtate 1 rBf^b^ftfc'W*-* h y^x 
Wtt*. fflAt»«*««»3 0*/M,rtt#{b'r4Ci 
#r£, ttJKttK. BfEt»*»«1f-^l 0±CC % rC-f. 30 

h y zxm&zm^itutcvtm-ewmuxto < c t 

^m-r^ch. <iAft«Si8«<*3 0££S«O 
ri»tti»485KTtt, ^-ifBaEtf^ffcr**), tgu£ 

[0043]^, ±iafiAtS$RS^«lf*3 0 CC«/l>tt 

cot-, h y *;Mt«©tf ^x#:**i»»&r 

<>, fiA««»a«#3 o©K«ai*ffiiflr *c ittac 
c>. 'W*-* hy *xm«#is**««©»£. 

tB^*4 oojstsc^* *^©tt»* s — as A or c» 

ft« % a-lf-AJcWLt, «»©»**tt*©*B«* 
[0 044] S/c, Cfttt. a— !f— ACC»l/T. BID 

mm<DJ-mrst b y ^^tf$R/c^r'^<^^^>@scD>'N' 
h y *^t»«*^orfijfflr*4ci*s«r 
BHtt««a-y--^i occ, -Ao^i-if 
«c»or> l^««i«»ft«o5R**Bf-^(bLfc«» so 
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rS»U IBtt^*i-^*«itfcBIE«*iA*^» K 
Sr«x te«BBBa*<D5R*CC fct > r a - If BG&** c 5 

r£&„ 

[0 04 5] mf&<DJ&&2 . OfffC. IgftOJgfll 2 
^SBfiE^^ACCOC^rttW-rs. SB6©J»«2K:* 

^^s->xfA^ tiaras ii^f 

Cft5T^ , y4 r -^a>-y'-^*63L - If B5K>**tf> 6 

e#<bsnfci2vva ffisara-i 
{bor*®fc*^a>*-*w9m*±£fete, bmw 

0 /c -fe v is a > * - 1 mtfc<B&1& 1 4 BffiE > * 

Ate j: o r s ft fcrotett* t * s £ ccaaMirBi# 
fborr^y^-^3>-y-^*tciiiM-r^cir, r^" 
y - is 3 >*y- tec *?i » r J: 0 ft ^fio^i »a -if b 

[00461 H3I*, JB»<DJBJI2«:*3&>*BBE^^ 

l»9!!*««frs. 13 3 te^rtgiEv'Xf-Ar^ 9M« 
^2 0teJ:cnnBMI^4 0tc^«$ft^l@A1t*8S®^ 
^3 0CC % Bg-^fb^e 1 teJJDxr, tiffifliE s 1 CDt#$g 

^la^Sftri^^i, 

[0 04 7 ] CCr\ T^y^-i/a^-^OB, 
9flrBHg <b*«Sftr«^-BW5W©«^©-y--hT^ 

zme&rzttbtc, ±iBimnE3 1 

«*A*Or*0 m ^-IfBfiEO^JKiOr. BfEtKK 
40W^r>3>+-Ks l©«tf**JC<c5. 
ftte. A»B9tti6B«IA». BKtt «S»1f-^* 1 0 <b 
PI«(D3 > fa - ^ ^*^i»r * 5. 
[004 8 ] felT^C. SI*fca»B»2 «C3&>3&>*BBE^^ 
A©ttftCcoi>ritt9J-r£. 14(1 9SttCD^lB2€C3^ 

^^BaE^x-f-ACDa^^-r^o-^^-- hr*4. 

&*J, XttO^A2 tc^4BSE^^A<D«if^Cc*5l» 
r, H2CC^0/cXx vV'S 101-S103, S20 
1, S2 0 2, S301-S30 4(DStoS«ftiiT€> 

S101-S103. S2OlCO0^4tBSUtC^ 8 
[0 04 9] J: ot, CCttt, BfE*B5K4 OCCctiJlB 

(xf^7*s3 04) ©aoftftecoi^rsiwi" 
tf^. r^y^r— >a>if-^5 o^ffitt-rsif-f * 

lii^-r^c ^^i^r, r^y^r— >3>if-^5 o 
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fc&HMIE P 1 X'UgmtLtc&iZT ^S40 1), 

CCt, 7 7''J a >-»Jw?5 0#A^l/T 

KJ&tEp 1 «. *©75"';ir-J/3>twi5 0(CJ:^> 

0. •WSttbTl'&ttttltE s 1 &*ttctt* 

&©-?£> 3 „ 

[005 0] 77 - 'J : ^ a >1f-^'5 0 K J:*4»M8 
Epl©Af«. Wttf. a.-- tf^Tjfer^-ODT^yy 
-i/a>fw(5 OKlTi'-tzXO/diSKC. 7y^-'> 10 

3>-y--^'5 0A^e>3.-if(c>ptur^^E p i *mm 

3— tf«. ■S-cn.-tfHWW&KlglE p 1 tecfctfi&Sggl 
Es l©a^r*. »=*«ffl«BB-C*4BBI»*»€)8l 
f#UT4>J;l,>U BIEilMHSS-9-— '< 1 0 j^tT&C 

[0051] isiE^4 o «. r 7* y dr—> 3 >-y— ^ 

5 Ofr^nm&<Dte vis s>*--$:%:Vm2>t> fiA 

ffiMSflt*g<*3 oiczzmztitcmmmE s 1 ^fflo-c-t 

v/~>g> + -^«-^'fb-r-S (Xf 77'S30 5) . $6 20 
4C. ISSE^*40«. ^7 - S3 0 4!ct5UrteC% 
*>n/cBB^©f*^^T^ ?*-yiXf •> 7'S305 
Ide^rmmtZtitc-te v >-3>*-££fi^gtE s 1 
^ffl^TBg^bb (Xf^7'S3 0 6) . 7 7''^-^ 
a >-y--^5 OtCSHfTS Uf?7'S307). 
[0 0 5 2] 7^1)^->3>1»--/{50B, iSIEig* 
4 0*6. Bg^b2 nfc.BS^$S^*J«J: O'-fe ? ~> s - 

>+-*^7- ■> 7'S4 02 iC*J(,iriSaEffi5R4 0 (Ciiff 30 

L./c i> <ot —a or «,» & *5*>*j«^-r & (^f-^s 

4 0 3) „ — get, Tl> iE^&3,— !f*>6© 

[0053] C©<fc^tC. 77 - 'J^-^3>tf-^5 0 
*il!aESffi*4 0K:^bT-9--f^^jS«T-5l^«:«. ffl 
IS. «CD-b + ^'j7--<^|S]±$ti--S/cfeiC^^^3>* 40 

[0054] «±{C^L,/cifc«3. mk<DJ&m2iCfr 

•>^fA©M«:*tLt. {IAti*Rg«$&3 0K:;*f> 
IC&^E s l©1f$R£l2l3L. T^y^r— > 3 >-*- 
^•5 0*5^f-r^-fef>3>*-<!:i2SE^4 0±-C© 
y **«#S©M£;gm£££&{|^Bi-^&«:J: 

or-^fJKO^-'Scir-. y:/y<7-—> 3 >-y--;-c5 0 so 
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ggl CCi^^StCjJDx.. T^'J^-^3^^-^'5 OffliJ 
[0055 ] 5?te©ff5.e§3. ogfK. HSg©^Sg3tC*> 

#> -5. ssse > x t- a o c s rmm t s . mt & mm 3 «c 

■9--- »<BBIrtS<OfflAHlEtt fR-r - * *c- * £fixT t» 

[0 0 56] I5«. $m<DB&3 UZfrfrZ>&m.*sX t~ 

OT. 01 i&jl-T-SSlWCttPJ— ©|?f4ftlt-e(D 
»B3*«W-rs. 05{C7n-riS§E^X-f AT-tt. 
BHIUSBW-y— '< 10-1-10 - n*«jLrt»*jS 

[0057] SHaEHWBS-y-^J&iflliLri** 

im^2 0*J«fcO*tgSEJS*4 0«, l»-rn©SSEtf*RS» 

[0058] 5»tMS^2 0*. ISU1t?RSS-9- 

10-1 tC^O. *SS©^® 1 {Cfcli-CSiW Utc «fc 
^tcA-r^-y h y r?xm$R©SB§^iM£tec&o/cti£- 
tc«. ISSEt*fRS«-9-— '< 1 0 - ltt. flAISHtffRT 1 
2k:*i^-cg^lIk:cfc f 3aM©*)ofcaJ 
^■^r. ^©iSIEtSfRSS-y--^ - 1 0 - 2 - 1 0 - n tcjl 

*oL/. mffitmwm-*-'*i 0-2-1 o-n». -en 

*ti-t©iBftUCfi!r> r g 2*iIA ifflABtttlMR^- * 

1 2 ©rts^Mif-r -s. 

[0059] ISSEtiJ$RSat>-— 'f 10-1- 

isi-©^©^'^^^ hy^xif^^-r^. i-^ 
t» isns^4 0«. u-rn©issEtffR^m-!t-^'«:T 

f<JfflB$©i2SEt»$RSa-9--^^. <=I 6 <toT 

[0060] &.±icmwutcti<s*). mfa<DBm3icfr 

10-1-1 0 -niC'<<(*S h y fXtf$R?r^aftU 

r^-r-s©-c. — sp©-y-->'^^>Lr^T4). dk 

*rajt6<b<c4. S/c. ft.§ag©ac^|gaEtf$RS 
a-9-->'^jl^jffl^©if->'N-K:^L-cto< c if. 
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*spjfifc£ at o . ibh»#* us u i ammmmm 

[006 1] j«S©^4. ofc-fC. ^lSfe©)fM4K:*> 
*>SIS^E->^f-A«:-P0>rSinji-r4„ tmmmAK.ip 

^ h U *;Mim*«»©flWIHe#«!lO. #89Lfc«tIMR 
4lS^bUT«tt©BffEW«S«tf-'<K:#«0TS» 

><©« ««:aijasoi«afflA«f «ss«(*k8b»t * c <t 

[0 062]16tt, $m<D&ti&4 ICfrfrZiSMIis?. f" 

3»i©JBMM«cjtafr*BffiS/;*'f-Att. m l ©ISfiEltfR 
^S-y--^* 10 0 ( 1 ) ~^n©ISSEtt$R^M-9--^* 1 

0 0 (n) <t. S»4f85Sl 20i. sSSEia* 1 4 0££ 

[ 0 0 6 3 ] m 1 ©SffitiWMBBh*---^ 10 0 ( 1 ) ~ 
»n©BE««*8l-9-— '<i 0 0 <n) B. jt*fe©Jfc& 

1 -cgiwu/ctssEttfRSfflif-^' i o tmm*m$L-cab 

i>. {SU mi ©l2H1t$R^af--^' 10 0 ( 1 ) ~~m 
n©HaEt»«*BH»-— '<1 0 0 (n) ©SISIEIf fRStS 

[0064] a«8S85f? 1 2 0 B, mm<DB1& 1 -ClsiBJ b 
fcSfiWBC 2 0 t|5)«l^fltfiR-C* «3 . fflABKflMRAA 
SP1 2 2 £. [iAt##Kgifi®<*3 0i4SWt^5*s. 

BlEtitfR^SilSB 12 4IJ. fflABBEfttHAAS 1 2 

2*/M,TA*?ti/c^v^^ h v ? xmm*ig.m<Dm 

1 2 2«C0:-D-CJi^il®5!>S|S*iASn)t<!:-r.5i. ^© 

**©«a. (is, iwiiniwsiioitttK^cr*. 

[006 5] BHiiS* 1 4 0 B. m&<miB 1 rttlB L 

fcigaE4S*4 o tmm*mtiK*> o . ibabb««a* 

SB1424. fflA«*B»8Hi#3 0 4*»WC(,»**«. 
■e*ie«:fliitr3 6«:BBEm«flf^»i 4 4*«*.rt> 
4. BSEtf fRtt^SP 1 4 4B. 9MI|3|£1 2 0©BSEt* 

$S£tc© — 3©;-?-/*^ h >;*^i!S««c8gc-r4#l8-C 

[0066] a*. fiAiimcgi«t»3 o b. njfe©i? 

[0067] filTtC. 3Ufe©^SS4K:*'^SI2SE^X7 u 
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07tctet»-c. sr. a- if«, ISJS©J$B 1 tcSMB 1/ 
tc£5t,C. BJMfcN 1 2 0 ©fflABKfiHRA^ffll 1 2 2 
fefl-OT. ?©flABBfff $RA*gR 1 2 2tc*Jt,»rA* 
"JtBttiB©'*-**-* h ') i>xffi$RZAJ]?2> (*f 9 
/Sill). 

[0068] -omc. gmmz 1 2 0 b. rot l/c^-y 

*J V 'J 9 *m mm U BStittRaWtt 1 2 4 (cj: -3 
■C. BfS©SH»©'W*y h 'J *'^«««:»«-r* (* 

10 f-^si i2)„ «ftc. * 1 ©BfflEt»«sa-y--^< 1 
ood) -mnowmmsmv--^ 100 (n)*s 

4. 

[006 9 ] S i&K. 9&ffii$ 1 2 0 B. *t$t£#*ij;* 
ftfc*><-/*\rf h y Lr. BfS©W#ifca 

e 1 CCj; 9 Bg#^a*jB-r Uf j/Sl 13). 4 
*i. C©Bf-^t«e IB. a— !T I DIMK^SWtt^ 1 

2 o ornrnm mmt t i>ic . fliAiimsa^s o icia 

20 tt#Rtc>tturfflc^B§^blle l B, ^a©^©-c*o 
rfciui/. «««iHirRa4«»©'C*or*>j:i,». jfe 

*5. C©Bg#<b«e IB. a— JflDtlMR. SiSffi* 1 

2 o ©«a«ffi*jj:tfsia3teT**&fg i ©ssm$Rsa 

0 0(1) ~^n©iSfiEit$R^«-!)-->'N' 1 0 0 
( n ) ©*1fw«fiWMf4 iitc. aA««m«fl: 3 

[0 0 7.0 SlSiw^l 2 0B. Bf^tStl 

h '^Xtf$R^. JhEtfca- tf 1 DWtR 

i 2 o (ommm «m 1 1 1> k . aMs^ 9 * 

30 /l-O-C. fflA««S«l«M*:3 0«:K»S*ifc±ia-y— ^ 

t»«ccarjt»"r . m 1 commnmwm-v—'i 1 0 0 

( 1 ) ~^n©iSaEt»fRSffl-y--^* 10 0 ( n ) CCiMff 
^"4 Uf^Sl 14). mi ©BSHt#M58h>--'< 
10 0 ( 1 ) -Sn ©KfEff '< 10 0 ( n ) 

©&d--'<b. Bt^t?^*©-'^^-^ k vfxmmm<D 

Smm^HfRi t . flABEW $8^- f<-^12 
fc. *©»«H»«*«»-r4 Uf^S211). 
[0 07 1 ] a— tftt. Ji(±©<t ; 5^^IiltcJ:or^''(' 
^"^ h 'J f^t#$R©ai^a^^-S<!:. §g^*l 2 
40 0Kg*LTO;fc<!At»$RS»*»<*3 O^rBXO^O. H 
m<OBB l tcfct^r or «fc ^ «:. I2H^ uok 

[007 2] -o-^JC. a-tf». ISliE^ 1 4 0 Z&m 
•T ■5^. *©BKtt* 1 4 0 SC[!At# $B§fflJ®# 30* 
i£»-f£. fit. a— !f«. IgaE^l 4 0g(**S 

w^tc. sfcB. bsem^i 4 o«c«t-9ra«iai» 
9 l tcir- tr^ £*§-r .spstc^ s s a -if is 

IE«:*fLT. gjS^^l 2 O^fflC^c-'^W*^ h 
50 tt$R©A^#)B<!:|5iai«:. I2SE4S*1 4 0 ©flAISSEtf 
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* RA^SR 1 4 2 ZftL X . 61 B<D A 4 * > I- 'J * XtSffl 
*A*tS Uf-^S3 11). 
[0 07 3] ISIEiS* 1401*. .a-lftcj: ,TA*^ 

tifc^-f aM h y**nwR*-iaGBJ#u <iAfft*RSSt 

MR 3 0 KiBiS 5 tifc-9w«W*KC J: •) 8We S *i S # 1 
©SSEWWSStlr— '< 10 0 ( 1 ) -#n©HHE1«ll8 
it-^l 0 0 (n) (CftttT. fiMff»OflABEW 
«. -TtttofeflMHtSf*©'*-**-* h y^xl«#R©g*: 
fflAfIHRSa«<*3 0K:BE»3nfca— !f I D1**B 

^ae«* i 2 o ©$mt#$Rag i t i> team t 4 < * f 10 

•>7'S3 1 2) „ 

[0 07 41 ^1 ©BiE««S«-y-— '< 10 0 ( 1 ) ~ 
fSn <Dmt\im»mif-^ 100 (n ) ©«-9— 
BfEKHt 1 4 0*£JbfeffiAI8aEtit*RS**^WIKS 
£. -t©fflASaEtt«**«:**n43.— 9"' 1 D1f*R*> 

i 2 o awmiimmiciGoitvs^m&D'U * 

* h y *Xtf$R£, fflABnEfJMR? 1 -*"*-* 1 2*>>=> 
ffiOlBO, BRiS*l 4 0«:ig«r4 Uf ?7"S2 1 
2) . 

[0 0 7 5] SSE«8* MOB. » 1 ©ISSEtfSR^iS-y 20 
-^100 ( 1 ) ~»n©5SaE1tfR§»-^-'< 1 0 0 

(n ) OQ-y—^frh^ffifrO^J** Y 'J **f»« 
SrSWBt Q^tikfrCD^-i** h 'J **1t$R£. 
•e-fteh{!Att$R^f*i£f#3 0 KiBltStifcHf-^IJi e 
l*JBl»T«^frrS Uf"^S3 1 3) . <*6«C. 

igaESkfc mob, c©m#<b-ct#e.n/cs^v h 

7"S3M)„ 

[ 0 0 7 6 ] -e Lt, ISSE^ MOB, C©Gf£K <fc 30 
3 1 1 Kfc^TA^tlfc^V*^ h y*Xt#$R<fc£JS 
15). 

[0 07 7 ] Sg§Eig*l 4 OB. p** 5 — &0Tl>4£ 
*l»ff4 1 . ISaESS^ 1 4 0 gft©<£fB^iI{f £ 

-s?«»*£*&«7n-*-*. 40 

[0 07 8] yL±.<,cmWLtc±is<0. SISS©^4tCA> 
fST^SiifctC, §£itt$R£Si$(©igEEtif3mfIl7- 

w5«:#fxoT:if30-c*j#. i2SEB${cB-€-ft6©-y- 

^*>6©1£#R£flH^t- £©T\ — o©/n'-C*^ h y^x 
Y y ^^tS^^b-Ct^or-. — o©i2SEt»$RSffl 

■y— ^tcta$^w*> h y i7^ttfg©^-cB^- 
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[0079] i/c. mz.r#x'&m?z>®Affiw.wmm#- 

3 0C£B4>fc< <tfe^SJ$ l ci^-5ISIim$R§»-y--^'i 

'W**&&rtu£J:(r>©-c. h y f*ii!r$R© 
•y x*s* # 1 »«^-c t . (iAlffffiS»ME(* 3 0 ©lett 

[008O] mm<DBB5 . -o^ftc. mtfc<DB& 5 tca> 
*SiSiiE->xf-Ak:o^-ci»Bj-r ^iS©]f^5(c*> 
£ ISSE ^ X f - A B . HJfi©Jf5Ss 2 tc tel, > T^n 0 fclSSE 
tiWHSffltlJ--^*. SEtSOJBaS 3 tc* Ufa J: 5 (Cffi»K 
gb. tt te A^#iS§Et«$R*lf-y ttFlrtSMDfflAB 
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[SCOPE OF CLAIMS] 

[CLAIM 1] An authentication system comprising: 

a personal information storage medium in which at least 
an encryption key is recorded; 

a registering terminal on which user biometric 
information is input, and which encrypts said input biometric 
information by using said encryption key read out of said 
personal information storage medium and transmits said 
encrypted biometric information; 

• an authentication information storing server which 
receives said encrypted biometric information transmitted 
from said registering terminal, stores said received 
encrypted biometric information, and transmits said stored 
biometric information upon request; and 

an authenticating terminal on which user biometric 
information is input, and which receives said encrypted 
biometric information from said authentication information 
storing server, decrypts said received encrypted biometric 
information by using said encryption key read out of said 
personal information storage medium, and compares said 
decrypted biometric information with said input biometric 
information , wherein 

said registering terminal, said authentication 
information storing server, and said authenticating terminal 
are connected via a communication line. 

[CLAIM 2] An authentication system comprising: 

a personal information storage medium in which at least 
an encryption key and a private key are recorded; 

a registering terminal on which user biometric 
information is input, and which encrypts said input biometric 
information by using said encryption key read out of said 
personal information storage medium and transmits said 
encrypted biometric information; 

an authentication information storing server which 
receives said encrypted biometric information transmitted 
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from said registering terminal, stores said received 
encrypted biometric information , and transmits said stored 
biometric information upon request; 

an authenticating terminal on which user biometric 
information is input, and which receives said encrypted 
biometric information from said authentication information 
storing server, decrypts said received encrypted biometric 
information by using said encryption key read out of said 
personal information storage medium, compares said decrypted 
biometric information with said input biometric information 
and outputs a comparison result, receives a session key 
encrypted by a public key to be paired with said private key, 
decrypts said received encrypted session key by using said 
private key read out of said personal information storage 
medium, encrypts said decrypted session key and said 
comparison result by using said private key, and transmits 
said encrypted session key and comparison result; and 

an application server which provides services such as 
electronic commerce and acquires said public key to be paired 
with said private key, and which, when requesting user 
authentication from said authenticating terminal, generates 
said session key, encrypts said generated session key by 
using said public key, transmits said encrypted session key 
to said authenticating terminal, and receives said encrypted 
session key and comparison result from said authenticating 
terminal , wherein 

said registering terminal, said authentication 
information storing server, said authenticating terminal, and 
said application server are connected via a communication 
line . 

[CLAIM 3] An authentication system comprising: 
a personal information storage medium in which at least 
an encryption key is recorded; 

a registering terminal on which user first biometric 
information is input, and which divides said input first 
biometric information into a plurality of pieces of second 
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biometric information, encrypts each of said plurality of 
pieces of second biometric information by using said 
encryption key read out of said personal information storage 
medium, and transmits said encrypted pieces of second 
biometric information ; 

a plurality of authentication information storing 
servers which respectively receive said encrypted pieces of 
second biometric information transmitted from said 
registering terminal, store said received encrypted pieces of 
second biometric information, and transmit said stored pieces 
of second biometric information upon request; and 

an authenticating terminal on which user biometric 
information is input, and which receives said encrypted 
pieces of second biometric information from said plurality of 
authentication information storing servers, decrypts said 
received encrypted pieces of second biometric information by 
using said encryption key read out of said personal 
information storage medium, reconstructs said first biometric 
information by merging together said decrypted pieces of 
second biometric information, and compares said reconstructed 
biometric information with said input biometric information, 
wherein 

said registering terminal, said authentication 
information storing servers, and said authenticating terminal 
are connected via a communication line. 

[CLAIM 4] An authentication system comprising: 

a personal information storage medium in which at least 
an encryption key and a private key are recorded; 

a registering terminal on which user first biometric 
information is input, and which divides said input first 
biometric information into a plurality of pieces of second 
biometric information, encrypts each of said plurality pieces 
of second biometric information by using said encryption key 
read out of said personal information storage medium, and 
transmits said encrypted pieces of second biometric 
information; 
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a plurality of authentication information storing 
servers which respectively receive said encrypted pieces of 
second biometric information transmitted from said 
registering terminal , store said received encrypted pieces of 
second biometric information, and transmit said stored pieces 
of second biometric information upon request; and 

an authenticating terminal on which user biometric 
information is input, and which receives said encrypted 
pieces of second biometric information from said plurality of 
authentication information storing servers, decrypts said 
received encrypted pieces of second biometric information by 
using said encryption key read out of said personal 
information storage medium, reconstructs said first biometric 
information by merging together said decrypted pieces of 
second biometric information, compares said reconstructed 
biometric information with said input biometric information 
and outputs a comparison result, receives a session key 
encrypted by a public key to be paired with said private key, 
decrypts said received encrypted session key by using said 
private key read out of said personal information storage 
medium, encrypts said decrypted session key and said 
comparison result by using said private key, and transmits 
said encrypted session key and comparison result; and 

an application server which provides services such as 
electronic commerce and acquires said public key to be paired 
with said private key, and which, when requesting user 
authentication from said authenticating terminal, generates 
said session key, encrypts said generated session key by 
using said public key, transmits said encrypted session key 
to said authenticating terminal., and receives said encrypted 
session key and comparison result from said authenticating 
terminal , wherein 

said registering terminal, said authentication 
information storing servers, said authenticating terminal, 
and said application server are connected via a communication 
line. 
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[CLAIM 5] An authentication system as claimed in any 
one of claims 1 to 4 , wherein said authentication system 
includes a plurality of mirror servers each of which stores 
biometric information whose contents are identical to the 
contents of the biometric information stored in said 
authentication information storing server, and wherein 

said registering terminal transmits said encrypted 
biometric information to said authentication information 
storing server or to any one of said plurality of mirror 
servers, and 

said authenticating terminal receives said encrypted 
biometric information from said authentication information 
storing server or from any one of said plurality of mirror 
servers . 

[Problems to be Solved by the Invention] However, in the 
above-described user authentication using digital signatures, 
once t a digital signature is registered in a user terminal 
such as a computer, it is only required to enter a password 
at the time of user authentication; therefore, if the 
password becomes known to a person other than the legitimate 
user, there is no way to prevent that person from 
masquerading at the user terminal. That is, the association 
between the legitimate user and the digital signature is 
necessary only when acquiring the digital signature from a 
certification authority or the like, and no protection has 
been provided against social hacking such as password 
leakage . 

[0010] On the other hand, the "Remote Authentication System" 
disclosed in Japanese Unexamined Patent Publication No. 2000- 
092046 has had the problem that, as the biometric information 
can be decrypted at the authenticating server side, the 
information cannot be fully protected if a malicious 
operation is performed at the server side* 
[0011] Here, the biometric information to be compared 
against, that is, the registered biometric information, could 
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be recorded in a transportable recording medium, but this 
would not be realistic because the size of biometric 
information is generally very large compared with a digital 
signature and hence requires the use of a large-capacity 
recording medium. Furthermore, if the recording medium is 
stolen, there is a substantial risk of the biometric 
information being analyzed, increasing the threat of 
masquerading . 

[0012] The present invention has been devised to solve the 
above problems, and an object of the invention is to achieve 
an authentication system that enables user authentication to 
be performed in a secure and reliable manner even between 
different terminals . 

[Embodiments of the Invention] Embodiments of an 
authentication system according to the present invention will 
be described in detail below with reference to the drawings. 
Here, it should be understood that the present invention is 
in no way limited by the specific embodiments described 
herein . 

[0024] Embodiment 1. First, an authentication system 
according to a first embodiment will be described. The 
authentication system of the first embodiment is 
characterized in that, using a registering terminal, 
biometric information such as a user's fingerprint, iris, or 
handwriting is encrypted and registered in advance with an 
authentication information storing server and, at the same 
time, its encryption and decryption key information, 
registering terminal type information, and user ID 
information are recorded in a transportable personal 
information storage medium, and in that when performing 
authentication on an authenticating terminal, the encrypted 
biometric information obtained from the authentication 
information storing server is decrypted using the encryption 
key recorded in the personal information storage medium, and 
the decrypted biometric information is compared with newly 
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input biometric information to authenticate the identity of 
the user. 

[0025] Figure 1 is a block diagram showing in simplified 
form the configuration of the authentication system according 
to the first embodiment. In Figure 1, the authentication 
system of the first embodiment comprises an authentication 
information storing server 10, a registering terminal 20, and 
an authenticating terminal 40, which are connected via a 
communication line 9 so as to be able to communicate with 
each other. 

[0026] The authentication information storing server 10 is 
similar in configuration to an Web server on the Internet, 
and is actually a conventional computer system. However, the 
authentication information storing server 10 here is 
configured to register and store the personal authentication 
information transmitted from the registering terminal 20, and 
to transmit the stored personal authentication information in 
response to a request from the authenticating terminal 40. 
[0027] The registering terminal 20 is similar in 
configuration to a desktop computer, notebook computer, PDA 
(Personal Digital Assistant), portable telephone, or the 
like, that can use various kinds of services such as 
electronic commerce provided via the communication line 9, 
and includes a personal authentication information input 
section 22 on which biometric information can be input and a 
personal information storage medium 30. 

[0028] The authenticating terminal 40 includes, in addition 
to the personal information storage medium 30, a personal 
authentication information input section 42 similar in 
configuration to the personal authentication information 
input section 22 of the registering terminal 20, the entire 
configuration thus being the same as that of the registering 
terminal 20. Accordingly, there is no particular distinction 
in configuration between the registering terminal 20 and the 
authenticating terminal 40, but it is at least required that 
the personal authentication information input sections 22 and 
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42 and the slot capable of loading the personal information 
storage medium 30 conform to the same specifications between 
the two terminals. 

[0029] For example, when the user's fingerprint is input as 
the biometric information, the personal authentication 
information input sections 22 and 42 are fingerprint 
scanners, and when the user's handwriting is input as the 
biometric information, they are input pads such as tablets on 
which handwriting can be input using a stylus pen. 
[0030] The personal information storage medium 30 is a 
nonvolatile storage medium that is easy to carry, for 
example, a magnetic card, a flash memory card, or an IC card. 
Accordingly, the registering terminal 20 is provided with a 
slot capable of loading the personal information storage 
medium 30. 

[0031] The communication line 9 may be wired or wireless, 
and use may be made of a public telephone network or a leased 
line. The term also includes an IP network, such as the 
Internet, constructed over such communication lines. 
[0032] The operation of the authentication system according 
to the first embodiment will be described below. Figure 2 is 
a flowchart illustrating the operation of the authentication 
system according to the first embodiment. In Figure 2, first 
the user inputs via the personal authentication information 
input section 22 of the registering terminal 20 the user's 
own biometric information that can be input on the personal 
authentication information input section 22 (step S101). For 
example, when the personal authentication information input 
section 22 is a fingerprint scanner, the registering terminal 
20 extracts feature points based on feature point matching 
from the fingerprint image captured by the fingerprint 
scanner, and acquires the extracted feature point information 
as the biometric information. 

[0033] Next, the registering terminal 20 applies encryption 
to the acquired biometric information by using a prescribed 
encryption key el (step S102). This encryption key el is 
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recorded in the personal information storage medium 3 0 
together with the user ID information, the type information 
of the registering terminal 20 , etc. 

[0034] After that, the registering terminal 20 transmits the 
encrypted biometric information together with the user ID 
information, the type information of the registering terminal 
20, etc, to the authentication information storing server 10 
via the communication line 9 (step S103). Upon receiving the 
registration information including the encrypted biometric 
information, the authentication information storing server 10 
registers the registration information in a personal 
authentication information database 12 (step S201). 
[0035] When the registration of the biometric information is 
completed in the above procedure, the user removes the 
personal information storage medium 30 from the registering 
terminal 20, and keeps it in a safe and secure manner, for 
example, by carrying it with him, until it becomes necessary 
for authentication on the authenticating terminal 40. In 
particular, the personal information storage medium 30 may 
also be provided with the function of an ID card that is used 
for other authentication purposes such as when entering or 
leaving an access-controlled building or when using 
electronic money; in that case, the user is spared the 
necessity of carrying a plurality of recording media and the 
confusion when using the recording media. 

[0036] Next, when using the authenticating terminal 40 which 
is different from the registering terminal 20, the user loads 
the personal information storage medium 30 into the 
authenticating terminal 40. Then, for the user 
authentication that the authenticating terminal 40 requests 
when the user uses the authenticating terminal 40 by itself 
or to receive services provided via the communication line 9, 
the user inputs his biometric information via the personal 
authentication information input section 42 of the 
authenticating terminal 40 in the same manner as when 
inputting the biometric information using the registering 
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terminal 20 (step S301). 

[0037] The authenticating terminal 40 temporarily stores the 
biometric information input by the user, and transmits, 
together with the user ID information, the type information 
of the registering terminal 20, etc. recorded in the personal 
information storage medium 30, a request to the 
authentication information storing server 10 for transmission 
of the registered personal authentication information, that 
is, the encrypted biometric information (step S302). 
[0038] Upon receiving the personal authentication 
information request from the authenticating terminal 40, the 
authentication information storing server 10 retrieves from 
the personal authentication information database 12 the 
encrypted biometric information that matches the user ID 
information, the type information of the registering terminal 
20, etc. contained in the personal authentication information 
request, and transmits the biometric information to the 
authenticating terminal 40 (step S202). 

[0039] When the encrypted biometric information is received 
from the authentication information storing server 10, the 
authenticating terminal 40 decrypts the encrypted biometric 
information by using the encryption key el recorded in the 
personal information storage medium 30 (step S303). Then, 
the authenticating terminal 4 0 compares the decrypted 
biometric information with the biometric information input in 
step S301, and determines whether they match or not (step 
S304 ) . 

[0040] When it is determined that they match, the 
authenticating terminal 40 makes a transition to a state in 
which the authenticating terminal 40 can be used by itself or 
used to receive services via the communication line 9, and 
displays a message or the like to that effect. Conversely, 
when they do not match, a message or warning or the like 
prompting the user to reenter biometric information is 
displayed. 

[0041] As described above, according to the authentication 
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system of the first embodiment, as the preregistered 
biometric information is managed by the externally located 
authentication information storing server 10 , personal 
authentication can be easily accomplished even when the user 
desires to use a terminal , for example, the authenticating 
terminal 40, that is different from the registering terminal 
20 that the user used at the time of registration. 
[0042] Furthermore, as the encryption key el is recorded in 
the personal information storage medium 30 that can be used 
between different terminals, the biometric information 
encrypted with the encryption key el can be decrypted using 
the personal information storage medium 30, which means that 
the biometric information can be prestored in encrypted form 
in the authentication information storing server 10. In 
other words, user authentication cannot be done on a terminal 
not loaded with the personal information storage medium 30, 
and this ensures high security. 

[0043] Moreover, since the personal information storage 
medium 30 need only hold at least the encryption/decryption 
key information, a memory amount used in the personal 
information storage medium 30 is small even if the size of 
the biometric information is large. Suppose, for example, 
that the biometric information is fingerprint information; in 
this case, even when fingerprint scanners differ between a 
plurality of authenticating terminals, it becomes possible to 
perform personal authentication on any terminal by 
preregistering fingerprint information for each different 
fingerprint scanner for the same user, as long as the 
specification of the fingerprint scanner of the registering 
terminal 20 matches that of the fingerprint scanner of the 
authenticating terminal 40. 

[0044] This also means that not only the same kind of 
biometric information but also different kinds of biometric 
information can be used by preregistering them for the same 
user. For example, when fingerprint information and 
handwriting information for the same user are preregistered 
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in encrypted form with the authentication information storing 
server 10, user authentication can be done on a terminal 
equipped with an input pad as well as on a terminal equipped 
with a fingerprint scanner. That is, by using the 
registering terminal type information, a plurality of 
different authentication mechanisms can be used selectively. 
[0045] Embodiment 2. Next, an authentication system 
according to a second embodiment will be described. The 
authentication system of the second embodiment is 
characterized in that when user authentication is requested 
from an application server providing electronic commerce 
transaction and other services, a session key encrypted with 
a public key is received from the application server and is 
decrypted using a private key to recover the session key; 
then, the thus recovered session key and the result of the 
comparison done in the authentication system of the first 
embodiment are encrypted with the private key and returned to 
the application server, thus achieving highly reliable user 
authentication at the application server. 

[0046] Figure 3 is a block diagram showing, in simplified 
form, the configuration of the authentication system 
according to the second embodiment. In Figure 3, the same 
constituent elements as those in Figure 1 are designated by 
the same reference numerals , and a description thereof will 
be omitted here. The authentication system shown in Figure 3 
differs from that of Figure 1 in that not only the encryption 
key el but also information of a private key Esl is stored in 
the personal information storage medium 30 to be loaded into 
the registering terminal 20 and the authenticating terminal 
40, and in that the system includes an application server 50. 
[0047] The application server 50 here is connected to the 
communication line 9 and provides various services such as 
electronic commerce transactions; further, the application 
server 50 acquires a public key to be paired with the private 
key Esl, and issues a session key Ksl to the authenticating 
terminal 40 as part of a user authentication procedure. This 
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server is a computer system similar in configuration to the 
authentication information storing server 10, 
[0048] The operation of the authentication system according 
to the second embodiment will be described below. Figure 4 
is a flowchart illustrating the operation of the 
authentication system according to the second embodiment. In 
the operation of the authentication system according to the 
second embodiment, steps S101 to S103, S201, S202, and S301 
to S304 are the same as the corresponding steps shown in 
Figure 2, and a description of these steps will not be 
repeated here. Among them, steps S101 to S103 and S201 shown 
in Figure 2 are not shown in Figure 4 to simplify the 
explanation . 

[0049] Accordingly, the operation that follows the 
comparison (step S304) done in the authenticating terminal 40 
will be described here. Suppose that after the comparison is 
done in the authenticating terminal 40, the user accesses the 
application server 50 with a desire to receive services 
provided by the application server 50; in this case, the 
application server 50 first generates a session key for that 
access by using random numbers. Next, the application server 
50 encrypts the generated session key by using the public key 
Epl acquired in advance (step S401), and transmits the 
session key to the authenticating terminal 40 (step S402). 
The public key Epl acquired in advance by the application 
server 50 is a key specific to the user desiring to use the 
services provided by the application server 50, and is to be 
paired with the private key Esl that the user holds. 
[0050] The acquisition of the public key Epl by the 
application server 50 is accomplished, for example, by the 
application server 50 giving an instruction to the effect 
that the public key Epl is transmitted to the user when the 
user has accessed the application server 50 for the first 
time. The user may acquire the pair of keys, i.e., the 
public key Epl and the private key Esl specific to the user, 
from a certification authority which is a trusted third party 
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body, or may acquire them by having the authentication 
information storing server 10 issue them; that is, the method 
of acquisition is not specifically limited. 

[0051] When the encrypted session key is received from the 
application server 50, the authenticating terminal 40 
decrypts the session key by using the private key Esl 
recorded in the personal information storage medium 30 (step 
S305). Further, the authenticating terminal 40, using the 
private key Esl, encrypts the message indicating the result 
of the comparison done in step S304 and the session key 
decrypted in step S305 (step S306), and transmits them to the 
application server 50 (step S307). 

[0052] When the encrypted comparison result and session key 
are received from the authenticating terminal 40, the 
application server 50 decrypts them by using the public key 
Epl, and checks whether the decrypted comparison result 
indicates a match and whether the decrypted session key 
matches the session key transmitted to the authenticating 
terminal 40 in step S402 (step S403). If they match, it is 
determined that the access is from a legitimate user, and the 
application server 50 provides services by means of 
cryptographic communication combining the so-called common 
key cryptography and public key cryptography, using the above 
session key or a newly generated session key and the private 
key /public key pair. 

[0053] In this way, when providing services to the 
authenticating terminal 40, the application server 50 usually 
issues a session key to enhance the security; in this 
embodiment, the session key is utilized for user 
authentication . 

[0054] As described above, according to the authentication 
system of the second embodiment, in addition to the 
authentication system configuration of the first embodiment, 
information of the private key Esl is recorded in the 
personal information storage medium 30, and the session key 
issued by the application server 50 and the result of the 
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biometric information comparison done in the authenticating 
terminal 40 are transferred using public key cryptography, 
thereby accomplishing the user authentication requested by 
the application server 50; accordingly, in addition to the 
effect of the first embodiment, the second embodiment can 
achieve highly reliable user authentication when seen from 
the application server 50. 

[0055] Embodiment 3. Next, an authentication system 
according to a third embodiment will be described. The 
authentication system of the third embodiment is 
characterized in that a plurality of authentication 
information storing servers, each identical to the one shown 
in the first embodiment, are installed, and in that the 
authentication information storing servers each include a 
personal authentication information database whose contents 
are the same between the different servers. 

[0056] Figure 5 is a block diagram showing, in simplified 
form, the configuration of the authentication system 
according to the third embodiment. In Figure 5, the same 
constituent elements as those in Figure 1 are designated by 
the same reference numerals, and a description thereof will 
be omitted here. The authentication system shown in Figure 5 
differs from that of Figure 1 in that the system includes a 
plurality of authentication information storing servers 10-1 
to 10-n. 

[0057] In particular, the personal authentication 
information database 12 provided in each authentication 
information storing server stores the same contents, so that 
the registering terminal 20 and the authenticating terminal 
40 can perform processing for registration or biometric 
information acquisition with any authentication information 
storing server . 

[0058] For example, when the registering terminal 20 has 
registered biometric information with the authentication 
information storing server 10-1 as described in the first 
embodiment, the authentication information storing server 10- 
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1 reports any changes associated with the registration to the 
other authentication information storing servers 10-2 to 10- 
n, which then update the contents of their personal 
authentication information databases 12 accordingly. 
[0059] That is, the authentication information storing 
servers 10-1 to 10-n are in the relationship of mirror 
servers relative to each other, and always hold the biometric 
information as identical contents. Accordingly, the 
authentication terminal 40 can acquire the latest biometric 
information from any of the authentication information 
storing servers. Here, the authentication information 
storing server located at the shortest distance in terms of 
the communication route length may be preregistered in the 
authenticating terminal 40 so that the preregistered 
authentication information storing server may usually be 
used. Here, provisions can be made to automatically to 
switch to another authentication information storing server 
when the preregistered authentication information storing 
server fails due to some trouble. 

[0060] As described above, according to the authentication 
system of the third embodiment, since the biometric 
information is duplicated across the plurality of 
authentication information storing servers 10-1 to 10-n, if 
any one of the servers has failed the information can be 
retrieved from another server and decrypted, and reliable 
authentication can thus be ensured. Further, if the 
authentication information storing server having fast 
response speed is preregistered as the server to be used 
usually, quick authentication can be achieved irrespective of 
the network traffic condition, and even when the terminal 
that issued an authentication request and the registering 
terminal are located at geographically separated sites, the 
authentication can be done without being affected by the 
geographic separation . 

[0061] Embodiment 4. Next, an authentication system 
according to a fourth embodiment will be described. The 
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authentication system of the fourth embodiment is 
characterized in that the biometric information input on the 
registering terminal is divided into a plurality of pieces of 
information which , after each piece of information is 
encrypted, are distributed across a plurality of 
authentication information storing servers for storage, and 
in that the encryption/decryption key information, 
registering terminal type information, user ID information, 
and information about the authentication information storing 
servers across which the biometric information has been 
distributed for storage are recorded in a transportable 
personal information storage medium. 

[0062] Figure 6 is a block diagram, showing in simplified 
form, the configuration of the authentication system 
according to the fourth embodiment. In Figure 6, the 
authentication system according to the fourth embodiment 
comprises first to nth authentication information storing 
servers 100(1) to 100 (n), a registering terminal 120, and an 
authenticating terminal 140, which are connected via a 
communication line 9 so as to be able to communicate with 
each other. 

[0063] The first to nth authentication information storing 
servers 100(1) to 100 (n) are each similar in configuration to 
the authentication information storing server 10 described in 
the first embodiment. However, the first to nth 
authentication information storing servers 100(1) to 100 (n) 
here respectively hold different pieces of biometric 
information . 

[0064] The registering terminal 120 is similar in 
configuration to the registering terminal 20 described in the 
first embodiment in that it comprises a personal 
authentication information input section 122 plus the 
personal information storage medium 30, but differs by the 
inclusion of an authentication information dividing section 
124. The authentication information dividing section 124 is 
a means for dividing the biometric information, input via the 
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personal authentication information input section 122, into a 
plurality of pieces of information. For example, when a 
fingerprint image is captured by the personal authentication 
information input section 122, feature points based on 
feature point matching are extracted from the fingerprint 
image, and the extracted feature point information is divided 
into a plurality of pieces of information according to their 
kinds such as an end point or a branching point, their 
positions, and the spacing between ridges. 
[0065] The authenticating terminal 140 is similar in 
configuration to the authenticating terminal 40 described in 
the first embodiment in that it comprises a personal 
authentication information input section 142 plus the 
personal information storage medium 30, but differs by the 
inclusion of an authentication information merging section 
144. The authentication information merging section 144 is a 
means for reconstructing the original biometric information 
by merging together the biometric information divided by the 
authentication information dividing section 124. 
[0066] The personal information storage medium 30 is, as in 
the first embodiment, a nonvolatile storage medium that is 
easy to carry, and the communication line 9 is no different 
from that shown in the first embodiment. 

[0067] The operation of the authentication system according 
to the fourth embodiment will be described below. Figure 7 
is a flowchart illustrating the operation of the 
authentication system according to the fourth embodiment. In 
Figure 7, as in the first embodiment, the user first inputs 
via the personal authentication information input section 122 
of the registering terminal 120 the user's own biometric 
information that can be input on the personal authentication 
information input section 122 (step Sill). 
[0068] Next, the biometric information acquired by the 
registering terminal 120 is divided by the authentication 
information dividing section 12 4 into a predetermined 
plurality of pieces of biometric information (step S112). In 
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particular, the information is divided in such a manner as to 
correspond with the types of information to be stored in the 
first to nth authentication information storing servers 
100(1) to 100(n), respectively. 

[0069] Further, the registering terminal 120 applies 
encryption to each piece of biometric information by using a 
prescribed encryption key el (step S113). This encryption 
key el is recorded in the personal information storage medium 
30 together with the user ID information, the type 
information of the registering terminal 120, etc. The 
encryption key el used here to encrypt the divided biometric 
information may be common to each piece of information or may 
be different for each piece of information. This encryption 
key el is recorded in the personal information storage medium 
30 together with the user ID information, the type 
information of the registering terminal 120, and the server 
information of the first to nth authentication information 
storing servers 100(1) to 100 (n) where the biometric 
information is registered. 

[0070] Next, based on the server information recorded in the 
personal information storage medium 30, the registering 
terminal 120 transmits the encrypted pieces of biometric 
information via the communication line 9 to the first to nth 
authentication information storing servers 100(1) to 100 (n) 
together with the user ID information, the type information 
of the registering terminal 120, etc. (step S114). Upon 
receiving the registration information including the 
encrypted biometric information, each of the first to nth 
authentication information storing servers 100(1) to 100 (n) 
registers the registration information in its personal 
authentication information database 12 (step S211). 
[0071] When the registration of the biometric information is 
completed in the above procedure, the user removes the 
personal information storage medium 30 from the registering 
terminal 120, and keeps it in a safe and secure manner, for 
example, by carrying it with him, as described in the first 
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embodiment, until it becomes necessary for authentication on 
the authenticating terminal 140. 

[0072] Next, when using the authenticating terminal 140, the 
user loads the personal information storage medium 30 into 
the authenticating terminal 140. Then, for the user 
authentication that the authenticating terminal 140 requests 
when the user uses the authenticating terminal 140 by itself 
or to receive services provided via the communication line 9, 
the user inputs his biometric information via the personal 
authentication information input section 142 of the 
authenticating terminal 140 in the same manner as when 
inputting the biometric information using the registering 
terminal 120 (step S311). 

[0073] The authenticating terminal 140 temporarily stores 
the biometric information input by the user, and transmits, 
together with the user ID information, the type information 
of the registering terminal 120, etc. recorded in the 
personal information storage medium 30, a request to each of 
the first to nth authentication information storing servers 
100(1) to 100(n) determined by the server information 
recorded in the personal information storage medium 30 for 
transmission of the registered personal authentication 
information, that is, the encrypted biometric information 
(step S312) . 

[0074] Upon receiving the personal authentication 
information request from the authenticating terminal 140, 
each of the first to nth authentication information storing 
servers 100(1) to 100 (n) retrieves from its personal 
authentication information database 12 the encrypted 
biometric information that matches the user ID information, 
the type information of the registering terminal 120, etc. 
contained in the personal authentication information request, 
and transmits the biometric information to the authenticating 
terminal 140 (step S212). 

[0075] When the encrypted biometric information is received 
from each of the first to nth authentication information 
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storing servers 100(1) to 100 (n), the authenticating terminal 
140 decrypts the encrypted biometric information by using the 
encryption key el recorded in the personal information 
storage medium 30 (step S313). Further, in the 
authenticating terminal 140, the authentication information 
merging section 144 reconstructs the original biometric 
information by merging together the plurality of pieces of 
biometric information thus decrypted (step S314). 
[0076] Then, the authenticating terminal 140 compares the 
thus reconstructed biometric information with the biometric 
information input in step S3 11, and determines whether they 
match or not (step S3 15). 

[0077] When it is determined that they match, the 
authenticating terminal 140 makes a transition to a state in 
which the authenticating terminal 140 can be used by itself 
or used to receive services via the communication line 9, and 
displays a message or the like to that effect. Conversely, 
when they do not match, a message or warning or the like 
prompting the user to reenter biometric information is 
displayed. 

[0078] As described above, according to the authentication 
system of the fourth embodiment, not only can the effect 
achieved by the first embodiment be obtained, but as the 
registration information is registered by distributing it 
across a plurality of authentication information storing 
servers, and the distributed pieces of information are 
retrieved from the servers and merged together at the time of 
authentication, the embodiment can also offer the effect of 
being able to avoid centrally managing the biometric 
information at a single server. Further, as each 
authentication information storing server only holds a 
fragment of the biometric information, user authentication 
cannot be done by using only the biometric information stored 
in one authentication information storing server; this 
ensures high security. 

[0079] Moreover, as the personal information storage medium 
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30 which is carried from one terminal to another need only 
hold at least the server information designating the 
authentication information storing servers across which the 
biometric information is distributed and the types of the 
distributed pieces of biometric information, no strain is put 
on the capacity of the personal information storage medium 30 
even if the size of the biometric information is large. 
[0080] Embodiment 5. Next, an authentication system 
according to a fifth embodiment will be described. The 
authentication system of the fifth embodiment is 
characterized in that a plurality of authentication 
information storing servers, each identical to the one shown 
in the second embodiment, are installed as shown in the third 
embodiment, and in that the authentication information 
storing servers each include a personal authentication 
information database whose contents are the same between the 
different servers . 

[0081] Figure 8 is a block diagram showing, in simplified 
form, the configuration of the authentication system 
according to the fifth embodiment. In Figure 8, the same 
constituent elements as those in Figure 3 are designated by 
the same reference numerals, and a description thereof will 
be omitted here. The authentication system shown in Figure 8 
differs from that of Figure 3 in that the system includes a 
plurality of authentication information storing servers 10-1 
to 10-n, as in the system shown in Figure 5. 

[0082] As described above, according to the authentication 
system of the fifth embodiment, not only can the effect 
achieved by the second embodiment be obtained, but since the 
biometric information is duplicated across the plurality of 
authentication information storing servers 10-1 to 10-n, the 
embodiment can also offer the effect of achieving reliable 
authentication, because if any one of the servers has failed, 
the information can be retrieved from another server and 
decrypted. Further, if the authentication information 
storing server having fast response speed is preregistered as 
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the server to be used usually, quick authentication can be 
achieved irrespective of the network traffic condition, and 
even when the terminal that issued an authentication request 
and the registering terminal are located at geographically 
separated sites, the authentication can be done without being 
affected by the geographic separation. 

[0083] Embodiment 6. Next, an authentication system 
according to a sixth embodiment will be described. The 
authentication system of the sixth embodiment is 
characterized in that each of the first to nth authentication 
information storing servers shown in the fourth embodiment is 
configured as an array of plurality of servers as shown in 
the third embodiment. 

[0084] Figure 9 is a block diagram showing, in simplified 
form, the configuration of the authentication system 
according to the sixth embodiment. In Figure 9, the same 
constituent elements as those in Figures 5 and 6 are 
designated by the same reference numerals, and a description 
thereof will be omitted here. The authentication system 
shown in Figure 9 differs from that of Figure 6 in that a 
plurality of mirror servers are provided for each of the 
first to mth authentication information storing servers 10- 
1(1) to 10-1 (m). For example, a plurality of first 
authentication information storing servers 10-2(1) to 10- 
n(l), in which the same biometric information is stored, are 
provided for the first authentication information storing 
server 10-1 ( 1 ) . 

[0085] As described above, according to the authentication 
system of the sixth embodiment, a plurality of mirror servers 
are provided as shown in the third embodiment for each of the 
first to mth authentication information storing servers 10- 
1(1) to 10-1 (m) across which the divided biometric 
information is distributed as in the authentication system of 
the fourth embodiment; accordingly, not only the effect 
achieved by the fourth embodiment, but also the effect 
achieved by the third embodiment can be obtained. 
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[0086] It will be appreciated that the configuration in 
which the divided biometric information is distributed across 
the plurality of authentication information storing servers 
each of which is provided with a plurality of mirror servers, 
as shown in the sixth embodiment, can also be applied to the 
authentication system of the second embodiment. 
[0087] 

[Advantageous Effect of the Invention] As described above, 
according to the present invention, the preregistered 
biometric information is managed by the externally located 
authentication information storing server ; accordingly, even 
when the user desires to use a terminal, for example, the 
authenticating terminal, that is different from the 
registering terminal that the user used at the time of 
registration, personal authentication involving encryption 
can be done by just moving the personal information storage 
medium from one terminal to the other, while on the other 
hand, user authentication cannot be done on a terminal not 
loaded with the personal information storage medium; this 
offers the effect of ensuring high security . 
[0088] According to another aspect of the invention, 
encryption key and private key information is recorded in the 
personal information storage medium, and the session key 
issued by the application server and the result of the 
biometric information comparison done in the authenticating 
terminal are transferred using public key cryptography; this 
offers the effect of being able to accomplish with high 
reliability the user authentication requested by the 
application server . 

[0089] According to another aspect of the invention, as the 
registration information is registered by distributing it 
across a plurality of authentication information storing 
servers, and the distributed pieces of information are 
retrieved from the servers and merged together at the time of 
authentication, it becomes possible to avoid centrally 
managing the biometric information at a single server, and as 
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a result, user authentication cannot be done by using only 
the biometric information stored in one authentication 
information storing server; this offers the effect of 
ensuring high security. 

[0090] According to another aspect of the invention, as the 
registration information is registered by distributing it 
across a plurality of authentication information storing 
servers, and the distributed pieces of information are 
retrieved from the servers and merged together at the time of 
authentication, and as encryption key and private key 
information is recorded in the personal information storage 
medium, and the session key issued by the application server 
and the result of the biometric information comparison done 
in the authenticating terminal are transferred using public 
key cryptography, not only does it become possible to avoid 
centrally managing the biometric information at a single 
server, ensuring high security, but there is also offered the 
effect of being able to accomplish with high reliability the 
user authentication requested by the application server. 
[0091] According to another aspect of the invention, as the 
biometric information is duplicated across the plurality of 
authentication information storing servers, if any one of the 
servers has failed the information can be retrieved from 
another server and decrypted, thus offering the effect of 
achieving reliable authentication. 
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